The past two years have been particularly devastating for data security world-wide, with a number of well-publicized hacks, data breaches and extortion attempts.

Annually SplashData publishes a list of the most common passwords. The list is created using data from more than five million passwords that were leaked by hackers in 2018 and with a quick glance at the list, one thing is clear – we do not learn from our mistakes.

People continue to use easy-to-guess passwords to protect their information. For example, “123456” and “password” retain their top two spots on the list—for the fifth consecutive year and variations of these two “worst passwords” make up six of the remaining passwords on the list.

SplashData estimates almost 10% of people have used at least one of the 25 worst passwords on this year’s list, and nearly 3% of people have used the worst password – 123456.

Here is the list of the top 10 passwords of 2018:

123456

password

12345678

qwerty

12345

123456789

letmein

1234567

football

iloveyou

Despite this risk, some people think that they are very clever with their passwords:

There is one that is used by a lot of personnel at the university

1q2w3e4r5t

it looks very cryptic, but when you look at a computer keyboard it is easy to spot:

It is a sobering fact that most people still underestimate the importance of having a secure password, and still make mistake to use simple words, numbers as a password.

“Passwords are the only control you have to secure your data with most systems these days. If your password is easily guessed by someone, then the person essentially becomes you. Use the same password across services and devices, and they can take over your digital identity.” Shaun Murphy, CEO of SNDR.

In our next post we look at how to create a strong password you can remember…